Table of Contents
Advertisement
Network and Security Manager Administration Guide
Specifying the OS and Version
Determining Port Mode (ScreenOS Devices Only)
104
You can also add multiple JUNOS devices using the Device Discovery Rule wizard, which
scans a range of IP addresses looking for JUNOS devices that match specific criteria.
Additionally, you can use the Activate Many Devices wizard to create configlets for and
activate multiple ScreenOS devices at one time for use with Rapid Deployment. However,
you cannot activate multiple ScreenOS devices without creating configlets. For details,
see "Using Rapid Deployment (ScreenOS Only)" on page 138.
During the Add Device or Add Many Devices process, you might need to specify the
operating system and version that is running on the device or devices:
For devices that use a static IP address, you do not need to specify the operating system
or the OS version. NSM automatically detects this information during the add process.
For undeployed devices or for devices that use a dynamically assigned IP address, you
must specify the operating system name and OS version of the device. NSM validates
the version during the model or add process.
Additionally, ensure that the devices you are adding to NSM are running a supported
version of the OS. For example, NSM no longer supports devices running 4.x or earlier
versions of ScreenOS. If you are not running a supported version, you must upgrade your
devices before adding them into the management system. Contact Juniper Networks
customer support for details.
For some ScreenOS security devices, you can select a port mode during the model or add
device process. The port mode automatically sets different port, interface, and zone
bindings for the device. Port refers to a physical interface on the back of the physical
security device; ports are referenced by their labels: Untrusted, 1-4, Console, or Modem.
Interface refers to a logical interface that you can configure after you have added the
device to the management system. You can bind each port to only one interface, but you
can bind multiple ports to a single interface.
On the NetScreen-5XT and NetScreen-5GT devices, you can configure one of the following
port modes:
Trust-Untrust Port Mode on page 105
Home-Work Port Mode on page 105
Dual-Untrust Port Mode on page 106
Combined Port Mode on page 106
Trust-Untrust-DMZ Port Mode on page 107
Trust/Untrust/DMZ (Extended) Mode on page 108
DMZ-Dual-Untrust Port Mode on page 109
Port Mode Summary on page 110
Changing the Port Mode on page 111
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
